Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make installing -dev package "just work" and pull in all other dev libraries it needs #1522

Merged
merged 2 commits into from
Oct 10, 2024
Merged

Make installing -dev package "just work" and pull in all other dev libraries it needs #1522

merged 2 commits into from
Oct 10, 2024

Conversation

xnox
Copy link
Contributor

@xnox xnox commented Sep 27, 2024
edited
Loading

Developer impact:

I want to compile and link against curl, i installed curl-dev and nothing works, i even installed openssl-dev and everything still does not work:

diff --git a/scans/curl.yaml.scan b/scans/curl.yaml.scan
index 98c235989..5260fd010 100644
--- a/scans/curl.yaml.scan
+++ b/scans/curl.yaml.scan
@@ -13,6 +13,11 @@ depend = brotli-dev
 depend = libpsl-dev
 depend = nghttp2-dev
 depend = openssl-dev
+depend = pc:libbrotlidec
+depend = pc:libnghttp2
+depend = pc:libpsl
+depend = pc:openssl
+depend = pc:zlib
 depend = so:libcurl.so.4
 provides = cmd:curl-config=8.10.1-r1
 provides = pc:libcurl=8.10.1-r1

With this change curl-dev automatically gains depends on openssl zlib libpsl libnghttp2 libbrotlidec dev packages to ensure that building and linking against curl-dev "just works".

  • generateRuntimePkgConfigDeps: only do so for public .pc, not vendored
    The existing neom test case of vendored .pc files verifies this, and
    fails, when this feature is turned on.

    The diff is ugly, but it moves and indents the if generateRuntimePkgConfigDeps{} to be nested in the if isInDir(){}
    first condition for public files.

  • Enable pc file dependencies
    Downloaded and extracted 1,030 .pc files from wolfi (base on 24th
    September file listing of all packages from @dustin).

    Executing pkgconf --exist on them revieled that 57 of them declare
    dependencies that do not, in fact exist.

    It is safe to turn pc: depends, as for vast majority of packages they
    will work correctly.

    For the 57 broken ones, there is now test/pkgconf pipeline, and one
    genuinely has to fix those. By either packaging libraries that are
    declared as required, ensuring those dependant libraries ship
    pkgconfig file, or patch/remove said broken pkgconfig file.

    Out of the sample of 1,030 .pc files, the 788 of them do have
    requirements declared. Thus they will need rebuilds to gain the
    correct dependencies. These however are in just 469 binary packages,
    some of which come from the same origin. Thus roughly at most 400 or
    so origins to rebuild.

    Furthermore wolfi pre-submit, install apk check will catch the broken
    -dev packages that cannot be installed.

    With this feature enabled, build log has:

    2024/09/27 23:44:24 INFO scanning for pkg-config data...
2024/09/27 23:44:24 INFO   found pkg-config libarchive for usr/lib/pkgconfig/libarchive.pc
...
2024/09/27 23:44:24 INFO   found pkg-config dependency (requires private) libcrypto for usr/lib/pkgconfig/libarchive.pc
...
2024/09/27 23:44:24 INFO   runtime:
2024/09/27 23:44:24 INFO     bzip2-dev
2024/09/27 23:44:24 INFO     lz4-dev
...
2024/09/27 23:44:24 INFO     pc:libcrypto
...
2024/09/27 23:44:24 INFO     so:libarchive.so.13
2024/09/27 23:44:24 INFO     xz-dev
2024/09/27 23:44:24 INFO     zlib-dev
2024/09/27 23:44:24 INFO     zstd-dev
2024/09/27 23:44:24 INFO   provides:
2024/09/27 23:44:24 INFO     pc:libarchive=3.7.6-r0

    These extra new dependency generated pc:libcrypto which upon
    installing libarchive-dev allows one to use it straight away for both
    dynamic and static linking.

    Note all of our public pc files already generated provides:

    $ apk info --provides openssl-dev
openssl-dev-3.3.2-r0 provides:
pc:libcrypto=3.3.2
pc:libssl=3.3.2
pc:openssl=3.3.2

@xnox xnox requested a review from dustinkirkland September 27, 2024 22:53
@mattmoor

This comment was marked as outdated.

Sign in to view
@xnox

This comment was marked as outdated.

Sign in to view
@dustinkirkland dustinkirkland mentioned this pull request Oct 3, 2024
Merged
@xnox

This comment was marked as outdated.

Sign in to view
@mattmoor
Copy link
Member

mattmoor commented Oct 7, 2024

👨‍🍳 💋

@philroche

This comment was marked as outdated.

Sign in to view
xnox added a commit to xnox/melange that referenced this pull request Oct 8, 2024
@xnox
fix: pc provides
6852793 
As discovered in chainguard-dev#1522
and ongoing test pipelines of pc files discrepancy discovered between
wolfi configured pkgconf and what melange generates.

In wolfi https://github.com/wolfi-dev/os/blob/9ad9b181cee6bc20fd090b942c2355990724bf7c/pkgconf.yaml#L39

pkgconf installs pc-files into "usr/lib" ("usr/lib64" is acceptable
too, because of lib64->lib link in base layout) and into
"usr/share". However "usr/share" is not considered public by melange,
but should be. As "architecture independent" pc files are there, for
example for header-only libraries.

Align locations acceptable by our pkgconf to match locations to also
be considred by melage as public for pc: dependencies and provides.

This will unblock rebuilding xorgproto, and unblock merging and
enabling automatic pc depends.

Impact on wolfi
===============

These locations have no pc files in wolfi:

```
$ grep -e ':/lib64/pkgconfig' -e ':/lib/pkgconfig' -e ':/usr/local/pkgconfig' FILES | wc -l
0
```

These newly added locations, which are accepted by pkgconf, will generate new provides:

```
$ grep -e ':/usr/local/share/pkgconfig/.*.pc' -e ':/usr/share/pkgconfig/.*.pc' FILES | sort
bash-completion-2.14.0-r1:/usr/share/pkgconfig/bash-completion.pc
Catch2-dev-3.7.1-r0:/usr/share/pkgconfig/catch2.pc
Catch2-dev-3.7.1-r0:/usr/share/pkgconfig/catch2-with-main.pc
cli11-2.4.2-r1:/usr/share/pkgconfig/CLI11.pc
eigen-dev-3.4.0-r3:/usr/share/pkgconfig/eigen3.pc
eudev-dev-3.2.14-r2:/usr/share/pkgconfig/udev.pc
fish-dev-3.7.1-r1:/usr/share/pkgconfig/fish.pc
gi-docgen-2024.1-r0:/usr/local/share/pkgconfig/gi-docgen.pc
gtk-doc-1.34.0-r0:/usr/share/pkgconfig/gtk-doc.pc
hicolor-icon-theme-0.18-r0:/usr/share/pkgconfig/default-icon-theme.pc
hwdata-dev-0.388-r0:/usr/share/pkgconfig/hwdata.pc
iso-codes-dev-4.17.0-r0:/usr/share/pkgconfig/iso-codes.pc
kmod-dev-33-r0:/usr/share/pkgconfig/kmod.pc
nlohmann-json-3.11.3-r1:/usr/share/pkgconfig/nlohmann_json.pc
py3.10-pybind11-2.13.6-r1:/usr/share/pkgconfig/pybind11.pc
py3.11-pybind11-2.13.6-r1:/usr/share/pkgconfig/pybind11.pc
py3.12-pybind11-2.13.6-r1:/usr/share/pkgconfig/pybind11.pc
py3.13-pybind11-2.13.6-r1:/usr/share/pkgconfig/pybind11.pc
py3-gi-docgen-2024.1-r0:/usr/share/pkgconfig/gi-docgen.pc
py3-pybind11-dev-2.13.4-r0:/usr/share/pkgconfig/pybind11.pc
scdoc-1.11.3-r0:/usr/share/pkgconfig/scdoc.pc
shared-mime-info-2.4-r1:/usr/share/pkgconfig/shared-mime-info.pc
spirv-headers-1.3.261.1-r2:/usr/share/pkgconfig/SPIRV-Headers.pc
subversion-dev-1.14.3-r1:/usr/share/pkgconfig/libsvn_client.pc
subversion-dev-1.14.3-r1:/usr/share/pkgconfig/libsvn_delta.pc
subversion-dev-1.14.3-r1:/usr/share/pkgconfig/libsvn_diff.pc
subversion-dev-1.14.3-r1:/usr/share/pkgconfig/libsvn_fs_fs.pc
subversion-dev-1.14.3-r1:/usr/share/pkgconfig/libsvn_fs.pc
subversion-dev-1.14.3-r1:/usr/share/pkgconfig/libsvn_fs_util.pc
subversion-dev-1.14.3-r1:/usr/share/pkgconfig/libsvn_fs_x.pc
subversion-dev-1.14.3-r1:/usr/share/pkgconfig/libsvn_ra_local.pc
subversion-dev-1.14.3-r1:/usr/share/pkgconfig/libsvn_ra.pc
subversion-dev-1.14.3-r1:/usr/share/pkgconfig/libsvn_ra_serf.pc
subversion-dev-1.14.3-r1:/usr/share/pkgconfig/libsvn_ra_svn.pc
subversion-dev-1.14.3-r1:/usr/share/pkgconfig/libsvn_repos.pc
subversion-dev-1.14.3-r1:/usr/share/pkgconfig/libsvn_subr.pc
subversion-dev-1.14.3-r1:/usr/share/pkgconfig/libsvn_wc.pc
systemd-dev-256.6-r2:/usr/share/pkgconfig/systemd.pc
systemd-dev-256.6-r2:/usr/share/pkgconfig/udev.pc
util-macros-1.20.1-r0:/usr/share/pkgconfig/xorg-macros.pc
wayland-protocols-1.37-r0:/usr/share/pkgconfig/wayland-protocols.pc
xbitmaps-dev-1.1.3-r1:/usr/share/pkgconfig/xbitmaps.pc
xcb-proto-1.17.0-r1:/usr/share/pkgconfig/xcb-proto.pc
xkeyboard-config-dev-2.43-r0:/usr/share/pkgconfig/xkeyboard-config.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/applewmproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/bigreqsproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/compositeproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/damageproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/dmxproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/dpmsproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/dri2proto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/dri3proto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/fixesproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/fontsproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/glproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/inputproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/kbproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/presentproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/randrproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/recordproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/renderproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/resourceproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/scrnsaverproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/videoproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/xcmiscproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/xextproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/xf86bigfontproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/xf86dgaproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/xf86driproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/xf86vidmodeproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/xineramaproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/xproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/xwaylandproto.pc
xtrans-1.5.0-r2:/usr/share/pkgconfig/xtrans.pc
yajl-dev-2.1.0-r4:/usr/share/pkgconfig/yajl.pc
```

Which are currently missing.
@xnox xnox mentioned this pull request Oct 8, 2024
Merged
xnox added a commit to xnox/melange that referenced this pull request Oct 8, 2024
@xnox
fix: pc provides
f1aa01c 
As discovered in chainguard-dev#1522
and ongoing test pipelines of pc files discrepancy discovered between
wolfi configured pkgconf and what melange generates.

In wolfi https://github.com/wolfi-dev/os/blob/9ad9b181cee6bc20fd090b942c2355990724bf7c/pkgconf.yaml#L39

pkgconf installs pc-files into "usr/lib" ("usr/lib64" is acceptable
too, because of lib64->lib link in base layout) and into
"usr/share". However "usr/share" is not considered public by melange,
but should be. As "architecture independent" pc files are there, for
example for header-only libraries.

Align locations acceptable by our pkgconf to match locations to also
be considred by melage as public for pc: dependencies and provides.

This will unblock rebuilding xorgproto, and unblock merging and
enabling automatic pc depends.

Impact on wolfi
===============

These locations have no pc files in wolfi:

```
$ grep -e ':/lib64/pkgconfig' -e ':/lib/pkgconfig' -e ':/usr/local/pkgconfig' FILES | wc -l
0
```

These newly added locations, which are accepted by pkgconf, will generate new provides:

```
$ grep -e ':/usr/local/share/pkgconfig/.*.pc' -e ':/usr/share/pkgconfig/.*.pc' FILES | sort
bash-completion-2.14.0-r1:/usr/share/pkgconfig/bash-completion.pc
Catch2-dev-3.7.1-r0:/usr/share/pkgconfig/catch2.pc
Catch2-dev-3.7.1-r0:/usr/share/pkgconfig/catch2-with-main.pc
cli11-2.4.2-r1:/usr/share/pkgconfig/CLI11.pc
eigen-dev-3.4.0-r3:/usr/share/pkgconfig/eigen3.pc
eudev-dev-3.2.14-r2:/usr/share/pkgconfig/udev.pc
fish-dev-3.7.1-r1:/usr/share/pkgconfig/fish.pc
gi-docgen-2024.1-r0:/usr/local/share/pkgconfig/gi-docgen.pc
gtk-doc-1.34.0-r0:/usr/share/pkgconfig/gtk-doc.pc
hicolor-icon-theme-0.18-r0:/usr/share/pkgconfig/default-icon-theme.pc
hwdata-dev-0.388-r0:/usr/share/pkgconfig/hwdata.pc
iso-codes-dev-4.17.0-r0:/usr/share/pkgconfig/iso-codes.pc
kmod-dev-33-r0:/usr/share/pkgconfig/kmod.pc
nlohmann-json-3.11.3-r1:/usr/share/pkgconfig/nlohmann_json.pc
py3.10-pybind11-2.13.6-r1:/usr/share/pkgconfig/pybind11.pc
py3.11-pybind11-2.13.6-r1:/usr/share/pkgconfig/pybind11.pc
py3.12-pybind11-2.13.6-r1:/usr/share/pkgconfig/pybind11.pc
py3.13-pybind11-2.13.6-r1:/usr/share/pkgconfig/pybind11.pc
py3-gi-docgen-2024.1-r0:/usr/share/pkgconfig/gi-docgen.pc
py3-pybind11-dev-2.13.4-r0:/usr/share/pkgconfig/pybind11.pc
scdoc-1.11.3-r0:/usr/share/pkgconfig/scdoc.pc
shared-mime-info-2.4-r1:/usr/share/pkgconfig/shared-mime-info.pc
spirv-headers-1.3.261.1-r2:/usr/share/pkgconfig/SPIRV-Headers.pc
subversion-dev-1.14.3-r1:/usr/share/pkgconfig/libsvn_client.pc
subversion-dev-1.14.3-r1:/usr/share/pkgconfig/libsvn_delta.pc
subversion-dev-1.14.3-r1:/usr/share/pkgconfig/libsvn_diff.pc
subversion-dev-1.14.3-r1:/usr/share/pkgconfig/libsvn_fs_fs.pc
subversion-dev-1.14.3-r1:/usr/share/pkgconfig/libsvn_fs.pc
subversion-dev-1.14.3-r1:/usr/share/pkgconfig/libsvn_fs_util.pc
subversion-dev-1.14.3-r1:/usr/share/pkgconfig/libsvn_fs_x.pc
subversion-dev-1.14.3-r1:/usr/share/pkgconfig/libsvn_ra_local.pc
subversion-dev-1.14.3-r1:/usr/share/pkgconfig/libsvn_ra.pc
subversion-dev-1.14.3-r1:/usr/share/pkgconfig/libsvn_ra_serf.pc
subversion-dev-1.14.3-r1:/usr/share/pkgconfig/libsvn_ra_svn.pc
subversion-dev-1.14.3-r1:/usr/share/pkgconfig/libsvn_repos.pc
subversion-dev-1.14.3-r1:/usr/share/pkgconfig/libsvn_subr.pc
subversion-dev-1.14.3-r1:/usr/share/pkgconfig/libsvn_wc.pc
systemd-dev-256.6-r2:/usr/share/pkgconfig/systemd.pc
systemd-dev-256.6-r2:/usr/share/pkgconfig/udev.pc
util-macros-1.20.1-r0:/usr/share/pkgconfig/xorg-macros.pc
wayland-protocols-1.37-r0:/usr/share/pkgconfig/wayland-protocols.pc
xbitmaps-dev-1.1.3-r1:/usr/share/pkgconfig/xbitmaps.pc
xcb-proto-1.17.0-r1:/usr/share/pkgconfig/xcb-proto.pc
xkeyboard-config-dev-2.43-r0:/usr/share/pkgconfig/xkeyboard-config.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/applewmproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/bigreqsproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/compositeproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/damageproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/dmxproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/dpmsproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/dri2proto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/dri3proto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/fixesproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/fontsproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/glproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/inputproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/kbproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/presentproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/randrproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/recordproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/renderproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/resourceproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/scrnsaverproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/videoproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/xcmiscproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/xextproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/xf86bigfontproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/xf86dgaproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/xf86driproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/xf86vidmodeproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/xineramaproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/xproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/xwaylandproto.pc
xtrans-1.5.0-r2:/usr/share/pkgconfig/xtrans.pc
yajl-dev-2.1.0-r4:/usr/share/pkgconfig/yajl.pc
```

Which are currently missing.
@xnox xnox mentioned this pull request Oct 10, 2024
Merged
k4leung4 pushed a commit to wolfi-dev/os that referenced this pull request Oct 10, 2024
@xnox
Fix missing "pc=" provides that are otherwise referenced as Required (#…
8e3138f 
…30360)

- **jsoncpp: rebuild with fixed melange cmake pipeline to get valid
build and valid .pc**
  

- **libpng: provide manual SCA .pc provides for an unusual symlinked
.pc**
  

- **utmps: remove custom .pc file, not shipped by upstream and it has
invalid requirements**
  

- **xorgproto: rebuild with fixed melange SCA to generate proto.pc
files**
  

- **leptonic: rebuild with fixed melange cmake pipeline to get a valid
.pc**
  

- **xorgproto: rebuild with fixed melange SCA to generate .pc provide**
  

- **ncurses: provide manual SCA .pc provides for an unusual symlinked
.pc**
  

Fix all remaining cases of missing "pc=" provides, which are referenced
by any currently available .pc file in wolfi. Landing this change,
unblocks turning on melange SCA option to start generating depends on
"pc=" files. I.e. such that installing a -dev package, correctly
installs all of it's build time dependencies.

Newly added correct pc files:
-
https://apk.dag.dev/https/apk.cgr.dev/wolfi-presubmit/eec5a43a76d4963b00261f5d337d0324e59e741e/aarch64/jsoncpp-dev-1.9.6-r2.apk@etag:8b0192ec32ea153fd8967f4283bcca51/.PKGINFO
-
https://apk.dag.dev/https/apk.cgr.dev/wolfi-presubmit/eec5a43a76d4963b00261f5d337d0324e59e741e/aarch64/leptonica-dev-1.84.1-r3.apk@etag:6a2393009bd5bef85ef5d463bf3f469e/.PKGINFO
-
https://apk.dag.dev/https/apk.cgr.dev/wolfi-presubmit/eec5a43a76d4963b00261f5d337d0324e59e741e/aarch64/libpng-dev-1.6.44-r1.apk@etag:760f765d10791557f38042659b960af6/.PKGINFO
-
https://apk.dag.dev/https/apk.cgr.dev/wolfi-presubmit/eec5a43a76d4963b00261f5d337d0324e59e741e/aarch64/ncurses-dev-6.5_p20240629-r1.apk@etag:c174b563176a62be4bd67cbcc2dab54c/.PKGINFO
-
https://apk.dag.dev/https/apk.cgr.dev/wolfi-presubmit/eec5a43a76d4963b00261f5d337d0324e59e741e/aarch64/shared-mime-info-2.4-r2.apk@etag:a97167888e9ffaed89eeed6fad3e1def/.PKGINFO
-
https://apk.dag.dev/https/apk.cgr.dev/wolfi-presubmit/eec5a43a76d4963b00261f5d337d0324e59e741e/aarch64/xorgproto-2024.1-r2.apk@etag:264dea4b3321f6812ee88c943fcc6123/.PKGINFO

Remove broken pc file:
-
https://apk.dag.dev/https/apk.cgr.dev/wolfi-presubmit/eec5a43a76d4963b00261f5d337d0324e59e741e/aarch64/utmps-dev-0.1.2.3-r1.apk@etag:bd555f57bf5bfb5d689989f250ab4937/.PKGINFO

Landing this change will allow to enable automatic provides in
chainguard-dev/melange#1522
@xnox xnox mentioned this pull request Oct 10, 2024
Merged
xnox added 2 commits October 10, 2024 15:52
@xnox
generateRuntimePkgConfigDeps: only do so for public .pc, not vendored
3d098dd 
The existing neom test case of vendored .pc files verifies this, and
fails, when this feature is turned on.

The diff is ugly, but it moves and indents the `if
generateRuntimePkgConfigDeps{}` to be nested in the `if isInDir(){}`
first condition for public files.
@xnox
Enable pc file dependencies
35e25a1 
Downloaded and extracted 1,030 .pc files from wolfi (base on 24th
September file listing of all packages from @dustin).

Executing `pkgconf --exist` on them revieled that 57 of them declare
dependencies that do not, in fact exist.

It is safe to turn pc: depends, as for vast majority of packages they
will work correctly.

For the 57 broken ones, there is now test/pkgconf pipeline, and one
genuinely has to fix those. By either packaging libraries that are
declared as required, ensuring those dependant libraries ship
pkgconfig file, or patch/remove said broken pkgconfig file.

Out of the sample of 1,030 .pc files, the 788 of them do have
requirements declared. Thus they will need rebuilds to gain the
correct dependencies. These however are in just 469 binary packages,
some of which come from the same origin. Thus roughly at most 400 or
so origins to rebuild.

Furthermore wolfi pre-submit, install apk check will catch the broken
-dev packages that cannot be installed.

With this feature enabled, build log has:

```
2024/09/27 23:44:24 INFO scanning for pkg-config data...
2024/09/27 23:44:24 INFO   found pkg-config libarchive for usr/lib/pkgconfig/libarchive.pc
...
2024/09/27 23:44:24 INFO   found pkg-config dependency (requires private) libcrypto for usr/lib/pkgconfig/libarchive.pc
...
2024/09/27 23:44:24 INFO   runtime:
2024/09/27 23:44:24 INFO     bzip2-dev
2024/09/27 23:44:24 INFO     lz4-dev
...
2024/09/27 23:44:24 INFO     pc:libcrypto
...
2024/09/27 23:44:24 INFO     so:libarchive.so.13
2024/09/27 23:44:24 INFO     xz-dev
2024/09/27 23:44:24 INFO     zlib-dev
2024/09/27 23:44:24 INFO     zstd-dev
2024/09/27 23:44:24 INFO   provides:
2024/09/27 23:44:24 INFO     pc:libarchive=3.7.6-r0
```

These extra new dependency generated `pc:libcrypto` which upon
installing libarchive-dev allows one to use it straight away for both
dynamic and static linking.

Note all of our public pc files already generated provides:

```
$ apk info --provides openssl-dev
openssl-dev-3.3.2-r0 provides:
pc:libcrypto=3.3.2
pc:libssl=3.3.2
pc:openssl=3.3.2
```
@xnox
Copy link
Contributor Author

xnox commented Oct 10, 2024
edited
Loading

A full rescan (using internal-only mount https://chainguard.engineering/docs/squads/tools/mount-wolfi/ ) shows that these dependencies will be added:

xnox/os@1fad499

All of them exists and are available.

It is not entirely deterministic depends, because there are multiple providers of the same .pc files:

$ git grep -h provides scans/ | cut -d= -f1-2 | grep pc: | sort | uniq -c | grep -v '1 provides'
      2 provides = pc:egl
      2 provides = pc:fontsproto
      2 provides = pc:gdal
      2 provides = pc:gi-docgen
      2 provides = pc:gl
      2 provides = pc:glesv1_cm
      2 provides = pc:glesv2
      2 provides = pc:kadm-client
      2 provides = pc:kadm-server
      2 provides = pc:krb5
      2 provides = pc:krb5-gssapi
      2 provides = pc:libecpg
      2 provides = pc:libecpg_compat
      2 provides = pc:libisoburn-1
      2 provides = pc:libpgtypes
      2 provides = pc:libpq
      2 provides = pc:libtirpc
      2 provides = pc:libudev
      2 provides = pc:mimalloc
      4 provides = pc:pybind11
      2 provides = pc:simdjson
      2 provides = pc:SPIRV-Tools
      2 provides = pc:SPIRV-Tools-shared
      2 provides = pc:tbb
      2 provides = pc:udev
      2 provides = pc:xkbfile
      2 provides = pc:xproto
      2 provides = pc:xscrnsaver

Some are intentional (udev & eudev) but some may need a closer look in case we have naming clashes here. This may need upstream bug reports.

@xnox
Copy link
Contributor Author

xnox commented Oct 10, 2024

Given analysis in #1522 (comment) I believe this is ready to land, and is safe to do so, and it will simplify "apk add foo-dev" which will pull in all the right "bar-dev baz-dev" that are also required.

xnox added a commit to wolfi-dev/os that referenced this pull request Oct 10, 2024
@xnox
Rebuild packages for missing pc: provides (#30529)
5ce6f5c 
Using melange scan on all existing packages, relative older scan
results, shows that recent melange improvements to generating pc:
provides would result in these packages exposing pc: provides.

This aids in discovery of what development packages one needs to
install to query correct installation paths for Wolfi.

The following provides will be added:

```
 pc:audit=4.0.2-r0
 pc:auparse=4.0.2-r0
 pc:bash-completion=2.14.0-r1
 pc:catch2=3.7.1-r0
 pc:CLI11=2.4.2-r1
 pc:default-icon-theme=0.18-r0
 pc:eigen3=3.4.0-r3
 pc:fish=3.7.1-r1
 pc:gi-docgen=2024.1-r0
 pc:gtk-doc=1.34.0-r0
 pc:hwdata=0.388-r0
 pc:iso-codes=4.17.0-r0
 pc:kmod=33-r0
 pc:libeconf=0.7.4-r0
 pc:libecpg=6777-r0
 pc:libecpg_compat=6777-r0
 pc:libpgtypes=6777-r0
 pc:libpq=6777-r0
 pc:librtmp=2.6_git20241005-r0
 pc:libsvn_client=1.14.3-r1
 pc:libsvn_delta=1.14.3-r1
 pc:libsvn_diff=1.14.3-r1
 pc:libsvn_fs=1.14.3-r1
 pc:libsvn_fs_fs=1.14.3-r1
 pc:libsvn_fs_util=1.14.3-r1
 pc:libsvn_fs_x=1.14.3-r1
 pc:libsvn_ra=1.14.3-r1
 pc:libsvn_ra_local=1.14.3-r1
 pc:libsvn_ra_serf=1.14.3-r1
 pc:libsvn_ra_svn=1.14.3-r1
 pc:libsvn_repos=1.14.3-r1
 pc:libsvn_subr=1.14.3-r1
 pc:libsvn_wc=1.14.3-r1
 pc:nlohmann_json=3.11.3-r1
 pc:numpy=0.6.1-r0
 pc:scdoc=1.11.3-r0
 pc:shared-mime-info=2.4-r1
 pc:SPIRV-Headers=1.3.261.1-r2
 pc:systemd=256.6-r2
 pc:udev=256.6-r2
 pc:udev=3.2.14-r2
 pc:vterm=0.3.3-r0
 pc:xbitmaps=1.1.3-r1
 pc:xkeyboard-config=2.43-r0
 pc:xorg-macros=1.20.1-r0
 pc:xtrans=1.5.0-r2
 pc:yajl=2.1.0-r4
```

Reference: chainguard-dev/melange#1522
@xnox xnox changed the title enable pc Make installing -dev package "just work" and pull in all other dev libraries it needs Oct 10, 2024
@dustinkirkland
Copy link
Contributor

That would be amazing :-)

lyoung-confluent pushed a commit to lyoung-confluent/melange that referenced this pull request Oct 10, 2024
@xnox @lyoung-confluent
fix: pc provides
b61281e 
As discovered in chainguard-dev#1522
and ongoing test pipelines of pc files discrepancy discovered between
wolfi configured pkgconf and what melange generates.

In wolfi https://github.com/wolfi-dev/os/blob/9ad9b181cee6bc20fd090b942c2355990724bf7c/pkgconf.yaml#L39

pkgconf installs pc-files into "usr/lib" ("usr/lib64" is acceptable
too, because of lib64->lib link in base layout) and into
"usr/share". However "usr/share" is not considered public by melange,
but should be. As "architecture independent" pc files are there, for
example for header-only libraries.

Align locations acceptable by our pkgconf to match locations to also
be considred by melage as public for pc: dependencies and provides.

This will unblock rebuilding xorgproto, and unblock merging and
enabling automatic pc depends.

Impact on wolfi
===============

These locations have no pc files in wolfi:

```
$ grep -e ':/lib64/pkgconfig' -e ':/lib/pkgconfig' -e ':/usr/local/pkgconfig' FILES | wc -l
0
```

These newly added locations, which are accepted by pkgconf, will generate new provides:

```
$ grep -e ':/usr/local/share/pkgconfig/.*.pc' -e ':/usr/share/pkgconfig/.*.pc' FILES | sort
bash-completion-2.14.0-r1:/usr/share/pkgconfig/bash-completion.pc
Catch2-dev-3.7.1-r0:/usr/share/pkgconfig/catch2.pc
Catch2-dev-3.7.1-r0:/usr/share/pkgconfig/catch2-with-main.pc
cli11-2.4.2-r1:/usr/share/pkgconfig/CLI11.pc
eigen-dev-3.4.0-r3:/usr/share/pkgconfig/eigen3.pc
eudev-dev-3.2.14-r2:/usr/share/pkgconfig/udev.pc
fish-dev-3.7.1-r1:/usr/share/pkgconfig/fish.pc
gi-docgen-2024.1-r0:/usr/local/share/pkgconfig/gi-docgen.pc
gtk-doc-1.34.0-r0:/usr/share/pkgconfig/gtk-doc.pc
hicolor-icon-theme-0.18-r0:/usr/share/pkgconfig/default-icon-theme.pc
hwdata-dev-0.388-r0:/usr/share/pkgconfig/hwdata.pc
iso-codes-dev-4.17.0-r0:/usr/share/pkgconfig/iso-codes.pc
kmod-dev-33-r0:/usr/share/pkgconfig/kmod.pc
nlohmann-json-3.11.3-r1:/usr/share/pkgconfig/nlohmann_json.pc
py3.10-pybind11-2.13.6-r1:/usr/share/pkgconfig/pybind11.pc
py3.11-pybind11-2.13.6-r1:/usr/share/pkgconfig/pybind11.pc
py3.12-pybind11-2.13.6-r1:/usr/share/pkgconfig/pybind11.pc
py3.13-pybind11-2.13.6-r1:/usr/share/pkgconfig/pybind11.pc
py3-gi-docgen-2024.1-r0:/usr/share/pkgconfig/gi-docgen.pc
py3-pybind11-dev-2.13.4-r0:/usr/share/pkgconfig/pybind11.pc
scdoc-1.11.3-r0:/usr/share/pkgconfig/scdoc.pc
shared-mime-info-2.4-r1:/usr/share/pkgconfig/shared-mime-info.pc
spirv-headers-1.3.261.1-r2:/usr/share/pkgconfig/SPIRV-Headers.pc
subversion-dev-1.14.3-r1:/usr/share/pkgconfig/libsvn_client.pc
subversion-dev-1.14.3-r1:/usr/share/pkgconfig/libsvn_delta.pc
subversion-dev-1.14.3-r1:/usr/share/pkgconfig/libsvn_diff.pc
subversion-dev-1.14.3-r1:/usr/share/pkgconfig/libsvn_fs_fs.pc
subversion-dev-1.14.3-r1:/usr/share/pkgconfig/libsvn_fs.pc
subversion-dev-1.14.3-r1:/usr/share/pkgconfig/libsvn_fs_util.pc
subversion-dev-1.14.3-r1:/usr/share/pkgconfig/libsvn_fs_x.pc
subversion-dev-1.14.3-r1:/usr/share/pkgconfig/libsvn_ra_local.pc
subversion-dev-1.14.3-r1:/usr/share/pkgconfig/libsvn_ra.pc
subversion-dev-1.14.3-r1:/usr/share/pkgconfig/libsvn_ra_serf.pc
subversion-dev-1.14.3-r1:/usr/share/pkgconfig/libsvn_ra_svn.pc
subversion-dev-1.14.3-r1:/usr/share/pkgconfig/libsvn_repos.pc
subversion-dev-1.14.3-r1:/usr/share/pkgconfig/libsvn_subr.pc
subversion-dev-1.14.3-r1:/usr/share/pkgconfig/libsvn_wc.pc
systemd-dev-256.6-r2:/usr/share/pkgconfig/systemd.pc
systemd-dev-256.6-r2:/usr/share/pkgconfig/udev.pc
util-macros-1.20.1-r0:/usr/share/pkgconfig/xorg-macros.pc
wayland-protocols-1.37-r0:/usr/share/pkgconfig/wayland-protocols.pc
xbitmaps-dev-1.1.3-r1:/usr/share/pkgconfig/xbitmaps.pc
xcb-proto-1.17.0-r1:/usr/share/pkgconfig/xcb-proto.pc
xkeyboard-config-dev-2.43-r0:/usr/share/pkgconfig/xkeyboard-config.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/applewmproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/bigreqsproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/compositeproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/damageproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/dmxproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/dpmsproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/dri2proto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/dri3proto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/fixesproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/fontsproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/glproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/inputproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/kbproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/presentproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/randrproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/recordproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/renderproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/resourceproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/scrnsaverproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/videoproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/xcmiscproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/xextproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/xf86bigfontproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/xf86dgaproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/xf86driproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/xf86vidmodeproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/xineramaproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/xproto.pc
xorgproto-2024.1-r1:/usr/share/pkgconfig/xwaylandproto.pc
xtrans-1.5.0-r2:/usr/share/pkgconfig/xtrans.pc
yajl-dev-2.1.0-r4:/usr/share/pkgconfig/yajl.pc
```

Which are currently missing.
@dustinkirkland
Copy link
Contributor

I support and agree with the idea, design, and end results. I defer to @jonjohnsonjr and @joshrwolf on the code review of sca.go.

@kaniini
Copy link
Contributor

kaniini commented Oct 10, 2024

This design is basically the same as we are doing in Alpine, so it's certainly a valid approach. One thing to be aware of is that you probably want to also add virtual dependencies for CMake modules, since CMake decided to NIH the pkg-config concept...

smoser
smoser reviewed Oct 10, 2024
View reviewed changes
pkg/sca/sca.go Show resolved Hide resolved
smoser
smoser approved these changes Oct 10, 2024
View reviewed changes
Copy link
Contributor

@smoser smoser left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This LGTM.

@xnox
Copy link
Contributor Author

xnox commented Oct 10, 2024

This design is basically the same as we are doing in Alpine, so it's certainly a valid approach. One thing to be aware of is that you probably want to also add virtual dependencies for CMake modules, since CMake decided to NIH the pkg-config concept...

i was going to do cmake modules separately and later; we still have cmake bootstrap cycles and not enough things that can provide cmake modules actually do yet. Also not sure about which way the NIH - i somehow suspect Cmake modules were there first =) however CMake is a programming language, not just declarative files so it definitely is not the most straight forward one.

@xnox
Copy link
Contributor Author

xnox commented Oct 10, 2024

@kaniini thank you for your code implementation, it was and still is absolutely correct and didn't need any changes, so happy to finally getting around to rolling this out.

@xnox xnox merged commit e89965b into chainguard-dev:main Oct 10, 2024
33 of 35 checks passed
@xnox
Copy link
Contributor Author

xnox commented Nov 5, 2024

There is small fallout from this change, but which is also expected. if generated "depend = pc:foo" has more than one package that provides such pc file, an explicit choice needs to be made as to which one it is desired for a given -dev package to depend on. So far it has been obvious, but it might be a case when any might want to be desired to be supported. In such cases we might need to suppress such dependency.

@xnox xnox mentioned this pull request Nov 5, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@smoser smoser smoser approved these changes

@dustinkirkland dustinkirkland Awaiting requested review from dustinkirkland

@jonjohnsonjr jonjohnsonjr Awaiting requested review from jonjohnsonjr

@joshrwolf joshrwolf Awaiting requested review from joshrwolf

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@xnox @mattmoor @philroche @dustinkirkland @kaniini @smoser